build: deploy PR builds to staging environment #143
Conversation
Extend GitHub Actions to automatically deploy the build output of a PR to a staging environment under a unique path. To preserve disk space, the deployment is removed when the PR is either merged or closed. ING-4710
|
In case the approach is generally OK, I'd go ahead and add the required GHA secrets ( |
stempler
left a comment
stempler
left a comment
There was a problem hiding this comment.
Looks good to me in principle, except for the known hosts (see comment).
Which server is used to host the files?
In hale-core I had used pr-preview-action to do similar thing in GitHub Pages, though I think both options are viable (and have their own specific advantages and disadvantages).
.github/workflows/build.yml
Outdated
| mkdir -p ~/.ssh | ||
| echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_ed25519 | ||
| chmod 600 ~/.ssh/id_ed25519 | ||
| ssh-keyscan ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts |
There was a problem hiding this comment.
I think this kind of works against the purpose of known hosts and this should probably rather be a specific secret or variable?
There was a problem hiding this comment.
Absolutely, thanks for the hint. I introduced a new secret SSH_KNOWN_HOSTS.
I created a Hetzner Cloud VM for it to get a quick solution for testing the major upgrade and allow challenging. My plan was to potentially migrate that to the tools cluster later.
I wasn't aware of that, thanks for the pointer! I think it would actually be the preferrable option, as it avoids us having to manage a separate staging instance. I'll look into it. |
Downside of the other approach is that it can "pollute" the repository with a lot of extra commits, even if not on the working branches. |
|
The current approach with deploying PR builds to a path like |
Extend GitHub Actions to automatically deploy the build output of a PR to a staging environment under a unique path.
To preserve disk space, the deployment is removed when the PR is either merged or closed.
ING-4710